0

This is first time I try NACl.NET which are desribed here well.

Nuget from here

https://www.nuget.org/packages/NaCl.Net/

I take code usage from here

https://github.com/somdoron/nacl.net

I need to exactly do what this guy was trying to do

Sign a message with as small as possible digital signature in c#

He post a very nice answer. But without code.

From Github code I copied it the same for test. (Everything is OK for now)

  var rng = RandomNumberGenerator.Create();
    Curve25519XSalsa20Poly1305.KeyPair(out var aliceSecretKey, out var alicePublicKey);
    Curve25519XSalsa20Poly1305.KeyPair(out var bobSecretKey, out var bobPublicKey);

    Curve25519XSalsa20Poly1305 aliceBox = new Curve25519XSalsa20Poly1305(aliceSecretKey, bobPublicKey);
    Curve25519XSalsa20Poly1305 bobBox = new Curve25519XSalsa20Poly1305(bobSecretKey, alicePublicKey);

    // Generating random nonce
    byte[] nonce = new byte[Curve25519XSalsa20Poly1305.NonceLength];
    rng.GetBytes(nonce);

    // Plaintext message
    byte[] message = Encoding.UTF8.GetBytes("Hey Bob");


    // Prepare the buffer for the ciphertext, must be message length and extra 16 bytes for the authentication tag
    byte[] cipher = new byte[message.Length + Curve25519XSalsa20Poly1305.TagLength];

    // Encrypting using alice box
    aliceBox.Encrypt(cipher, message, nonce);

    // Decrypting using bob box
    byte[] plain = new byte[cipher.Length - Curve25519XSalsa20Poly1305.TagLength];
    bool isVerified = bobBox.TryDecrypt(plain, cipher, nonce);
    var originalmessage = Encoding.UTF8.GetString(plain);

As we all know the RSA, ECC algorithms given private key, public key.

The secure way is that public-key kept for verify signature in the Client application only

While private-key kept for create signature in the License Server only

Now the above library made me mad. It give following keys

aliceSecretKey, alicePublicKey and bobSecretKey, bobPublicKey

I need to give example above for License Server and a Client Application

Assume that Alice is a License Server. Bob is a Client application

So which keys should stored in Client application?

Is it bobSecretKey, alicePublicKey keys that should stored in client application side?

Please accept my apologies, I don't even know how this strange algorithm works!

Administrator
  • 1
  • 1
  • Obviously you seem to want to sign a message. The library you are using does not implement public-key signatures (only secret-key and public-key authenticated encryption, and some primitives). So you need another library, e.g. [libsodium.net](https://github.com/adamcaudill/libsodium-net) with a quite good documentation, see here for [public-key signature](https://bitbeans.gitbooks.io/libsodium-net/content/public-key_cryptography/public-key_signatures.html). For alternatives also consider [this list](https://libsodium.gitbook.io/doc/bindings_for_other_languages). – Topaco May 15 '22 at 06:52
  • But why SAlt.net have private, public secrets for both alice and bob? they also use Curve25519? Do all library are symmetric? Please Execuse me during this is first time I use it – Administrator May 15 '22 at 11:35
  • The posted code implements public-key authenticated encryption. Here a shared secret is determined with X25519 from which a key is derived for a subsequent authenticated encryption, s. e.g. [here](https://bitbeans.gitbooks.io/libsodium-net/content/public-key_cryptography/authenticated_encryption.html). But this is not what you need, since you want to sign. For this purpose use Ed25519 (s. my previous comment). X25519 and Ed25519 both apply private and public keys (but with different intent) and are both based on curve 25519. – Topaco May 15 '22 at 12:28

0 Answers0